2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 21:17:54 +00:00

2460 Commits

Author SHA1 Message Date
Mark Andrews
dc8595936c remove broken-nsec and reject-000-label options 2021-12-23 15:13:46 +11:00
Mark Andrews
0aaaa8768f
Reject NSEC records with next field with \000 label
A number of DNS implementation produce NSEC records with bad type
maps that don't contain types that exist at the name leading to
NODATA responses being synthesize instead of the records in the
zone.  NSEC records with these bad type maps often have the NSEC
NSEC field set to '\000.QNAME'.  We look for the first label of
this pattern.

e.g.
	example.com NSEC \000.example.com SOA NS NSEC RRSIG
	example.com RRRSIG NSEC ...
	example.com SOA ...
	example.com RRRSIG SOA ...
	example.com NS ...
	example.com RRRSIG NS ...
	example.com A ...
	example.com RRRSIG A ...

	A is missing from the type map.

This introduces a temporary option 'reject-000-label' to control
this behaviour.
2021-12-02 14:27:18 +01:00
Mark Andrews
733f58a7a5
Allow servers that emit broken NSEC records to be identified
'server <prefix> { broken-nsec yes; };' can now be used to stop
NSEC records from negative responses from servers in the given
prefix being cached and hence available to synth-from-dnssec.
2021-12-02 14:27:14 +01:00
Mark Andrews
8ff2c133b5
Add dns_nsec_requiredtypespresent
checks an NSEC rdataset to ensure that both NSEC and RRSIG are
present in the type map.  These types are required for the NSEC
to be valid
2021-12-02 14:18:42 +01:00
Mark Andrews
43316a40a0
Record how often DNS_R_COVERINGNSEC is returned from the cache
reported as "covering nsec returned" when dumping cache stats
and as "CoveringNSEC" in json and xml cache statistics.
2021-12-02 14:18:41 +01:00
Mark Andrews
85bfcaeb2e
Extend dns_db_nodecount to access auxilary rbt node counts
dns_db_nodecount can now be used to get counts from the auxilary
rbt databases.  The existing node count is returned by
tree=dns_dbtree_main.  The nsec and nsec3 node counts by dns_dbtree_nsec
and dns_dbtree_nsec3 respectively.
2021-12-02 14:18:41 +01:00
Artem Boldariev
7843fb4ece XoT: add support for client-side TLS parameters
This commit adds support for client-side TLS parameters to XoT.

Prior to this commit all client-side TLS contexts were using default
parameters only, ignoring the options from the BIND's configuration
file.

Currently, the following 'tls' parameters are supported:

- protocols;
- ciphers;
- prefer-server-ciphers.
2021-12-01 12:00:28 +02:00
Artem Boldariev
0ee6f66cbd Integrate extended ACLs syntax featuring 'port' and 'transport' opts
This commit completes the integration of the new, extended ACL syntax
featuring 'port' and 'transport' options.

The runtime presentation and ACL loading code are extended to allow
the syntax to be used beyond the 'allow-transfer' option (e.g. in
'acl' definitions and other 'allow-*' options) and can be used to
ultimately extend the ACL support with transport-only
ACLs (e.g. 'transport-acl tls-acl port 853 transport tls'). But, due
to fundamental nature of such a change, it has not been completed as a
part of 9.17.X release series due to it being close to 9.18 stable
release status. That means that we do not have enough time to fully
test it.

The complete integration is planned as a part of 9.19.X release
series.

The code was manually verified to work as expected by temporarily
enabling the extended syntax for 'acl' statements and 'allow-query'
options, including ACL merging, negated ACLs.
2021-11-30 12:20:22 +02:00
Aram Sargsyan
43ac2cd229 Fix catalog zone reconfiguration crash
The following scenario triggers a "named" crash:

1. Configure a catalog zone.
2. Start "named".
3. Comment out the "catalog-zone" clause.
4. Run `rndc reconfig`.
5. Uncomment the "catalog-zone" clause.
6. Run `rndc reconfig` again.

Implement the required cleanup of the in-memory catalog zone during
the first `rndc reconfig`, so that the second `rndc reconfig` could
find it in an expected state.
2021-11-23 11:39:37 +00:00
Matthijs Mekking
6c8fc2f4f0 Add method to set extended DNS error
Add a new parameter to 'ns_client_t' to store potential extended DNS
error. Reset when the client request ends, or is put back.

Add defines for all well-known info-codes.

Update the number of DNS_EDNSOPTIONS that we are willing to set.

Create a new function to set the extended error for a client reply.
2021-11-19 09:44:28 +01:00
Artem Boldariev
51a2c7aed3 DoH: Set the "max-age" "Cache-Control" HTTP header value
This commit makes BIND set the "max-age" value of the "Cache-Control"
HTTP header to the minimal TTL from the Answer section for positive
answers, as RFC 8484 advises in section 5.1.

We calculate the minimal TTL as a side effect of rendering the
response DNS message, so it does not change the code flow much, nor
should it have any measurable negative impact on the performance.

For negative answers, the "max-age" value is set using the TTL and
SOA-minimum values from an SOA record in the Authority section.
2021-11-05 14:14:59 +02:00
Evan Hunt
a55589f881 remove all references to isc_socket and related types
Removed socket.c, socket.h, and all references to isc_socket_t,
isc_socketmgr_t, isc_sockevent_t, etc.
2021-10-15 01:01:25 -07:00
Mark Andrews
93279bb4b3 Add {krb5,ms}-subdomain-self-rhs update policy rules
The new rules compare the target name in PTR and SRV records against
the machine name embedded in the kerberos principal.  This can be
used to further restrict what PTR and SRV records can be added or
deleted via dynamic updates if desired.
2021-10-15 11:18:41 +11:00
Ondřej Surý
8be27b308f Remove unused LIBRPZ_(UN)LIKELY macros
The librpz.h defined LIRPZ_LIKELY() and LIBRPZ_UNLIKELY() macros that
were actually unused in the code.  Remove the macros and the autoconf
check for __builtin_expect().
2021-10-14 15:22:57 +02:00
Ondřej Surý
f3635bcc14 Use #pragma once as header guards
Unify the header guard style and replace the inconsistent include guards
with #pragma once.

The #pragma once is widely and very well supported in all compilers that
BIND 9 supports, and #pragma once was already in use in several new or
refactored headers.

Using simpler method will also allow us to automate header guard checks
as this is simpler to programatically check.

For reference, here are the reasons for the change taken from
Wikipedia[1]:

> In the C and C++ programming languages, #pragma once is a non-standard
> but widely supported preprocessor directive designed to cause the
> current source file to be included only once in a single compilation.
>
> Thus, #pragma once serves the same purpose as include guards, but with
> several advantages, including: less code, avoidance of name clashes,
> and sometimes improvement in compilation speed. On the other hand,
> #pragma once is not necessarily available in all compilers and its
> implementation is tricky and might not always be reliable.

1. https://en.wikipedia.org/wiki/Pragma_once
2021-10-13 00:49:15 -07:00
Ondřej Surý
edfae82c82 dns/resolver.c: Return void when ISC_R_SUCCESS is only returned value
With isc_mem_get() and dns_name_dup() no longer being able to fail, some
functions can now only return ISC_R_SUCCESS.  Change the return type to
void for the following function(s):

 * dns_zone_setprimaries()
 * dns_zone_setparentals()
 * dns_zone_setparentals()
 * dns_zone_setalsonotify()
2021-10-13 05:48:51 +02:00
Ondřej Surý
f51a9d834c dns/view.c: Return void when ISC_R_SUCCESS is only returned value
With isc_mem_get() and dns_name_dup() no longer being able to fail, some
functions can now only return ISC_R_SUCCESS.  Change the return type to
void for the following function(s):

 * dns_view_adddelegationonly()
 * dns_view_excludedelegationonly()
2021-10-13 05:47:48 +02:00
Ondřej Surý
8fb4c5bb7a dns/ssu.c: Return void when ISC_R_SUCCESS is only returned value
With isc_mem_get() and dns_name_dup() no longer being able to fail, some
functions can now only return ISC_R_SUCCESS.  Change the return type to
void for the following function(s):

 * dns_ssutable_addrule()
 * dns_ssutable_create()
 * dns_ssutable_createdlz()
2021-10-13 05:47:48 +02:00
Ondřej Surý
ecb74bae0d dns/resolver.c: Return void when ISC_R_SUCCESS is only returned value
With isc_mem_get() and dns_name_dup() no longer being able to fail, some
functions can now only return ISC_R_SUCCESS.  Change the return type to
void for the following function(s):

 * dns_resolver_addalternate()
2021-10-13 05:47:48 +02:00
Ondřej Surý
ee735ba79d dns/catz.c: Return void when ISC_R_SUCCESS is only returned value
With isc_mem_get() and dns_name_dup() no longer being able to fail, some
functions can now only return ISC_R_SUCCESS.  Change the return type to
void for the following function(s):

 * dns_catz_options_copy()
 * dns_catz_options_setdefault()
 * dns_catz_entry_new()
 * dns_catz_entry_copy()
2021-10-13 05:47:48 +02:00
Matthijs Mekking
2af05beafa Replace "master/slave" terms in code
Replace some "master/slave" terminology in the code with the preferred
"primary/secondary" keywords. This also changes user output such as
log messages, and fixes a typo ("seconary") in cfg_test.c.

There are still some references to "master" and "slave" for various
reasons:

- The old syntax can still be used as a synonym.
- The master syntax is kept when it refers to master files and formats.
- This commit replaces mainly keywords that are local. If "master" or
  "slave" is used in for example a structure that is all over the
  place, it is considered out of scope for the moment.
2021-10-12 13:11:13 -07:00
Matthijs Mekking
71b92d4d19 Replace "master/slave" terms in code comments
Replace those terms with the preferred "primary/secondary" keywords.
2021-10-12 13:09:00 -07:00
Ondřej Surý
8c819ec366 dns/rbt.c: Implement incremental hash table resizing
Originally, the hash table used in RBT database would be resized when it
reached certain number of elements (defined by overcommit).  This was
causing resolution brownouts for busy resolvers, because the rehashing
could take several seconds to complete.  This was mitigated by
pre-allocating the hash table in the RBT database used for caching to be
large-enough as determined by max-cache-size.  The downside of this
solution was that the pre-allocated hash table could take a significant
chunk of the memory even when the resolver cache would be otherwise
empty because the default value for max-cache-size is 90% of available
memory.

Implement incremental resizing[1] to perform the rehashing gradually:

 1. During the resize, allocate the new hash table, but keep the old
    table unchanged.
 2. In each lookup or delete operation, check both tables.
 3. Perform insertion operations only in the new table.
 4. At each insertion also move r elements from the old table to the new
    table.
 5. When all elements are removed from the old table, deallocate it.

To ensure that the old table is completely copied over before the new
table itself needs to be enlarged, it is necessary to increase the
size of the table by a factor of at least (r + 1)/r during resizing.

In our implementation r is equal to 1.

The downside of this approach is that the old table and the new table
could stay in memory for longer when there are no new insertions into
the hash table for prolonged periods of time as the incremental
rehashing happens only during the insertions.

The upside of this approach is that it's no longer necessary to
pre-allocate large hash table, because the RBT hash table rehashing
doesn't cause resolution brownouts anymore and thus we can use the
memory as needed.

1. https://en.m.wikipedia.org/wiki/Hash_table#Dynamic_resizing
2021-10-12 15:01:53 +02:00
Ondřej Surý
ed95f9fba3 Update the source code formatting using clang-format-13
clang-format-13 fixed some of the formatting that clang-format-12 got
wrong.  Update the formatting.
2021-10-12 11:14:40 +02:00
Ondřej Surý
2e3a2eecfe Make isc_result a static enum
Remove the dynamic registration of result codes.  Convert isc_result_t
from unsigned + #defines into 32-bit enum type in grand unified
<isc/result.h> header.  Keep the existing values of the result codes
even at the expense of the description and identifier tables being
unnecessary large.

Additionally, add couple of:

    switch (result) {
    [...]
    default:
        break;
    }

statements where compiler now complains about missing enum values in the
switch statement.
2021-10-06 11:22:20 +02:00
Evan Hunt
24dbf9849e refactor dispatch cancellation
Renamed some functions for clarity and readability:

- dns_dispatch_addresponse() -> dns_dispatch_add()
- dns_dispatch_removeresponse() -> dns_dispatch_done()

The dns_dispatch_cancel() function now calls dns_dispatch_done()
directly, so it is no longer ever necessary to call both functions.

dns_dispatch_cancel() is used to terminate dispatch connections
that are still pending, while dns_dispatch_done() is used when they
are complete.
2021-10-05 10:18:48 -07:00
Evan Hunt
cd8a081a4f Remove libdns init/shutdown functions
as libdns is no longer exported, it's not necessary to have
init and shutdown functions. the only purpose they served
was to create a private mctx and run dst_lib_init(), which
can be called directly instead.
2021-10-04 13:57:32 -07:00
Evan Hunt
8551ad026f dispatch: Fix several connect-related issues
- startrecv() and getnext() have been rewritten.

- Don't set TCP flag when connecting a UDP dispatch.

- Prevent TCP connections from trying to connect twice.

- dns_dispatch_gettcp() can now find a matching TCP dispatch that has
  not yet fully connected, and attach to it.  when the connection is
  completed, the connect callbacks are run for all of the pending
  entries.

- An atomic 'state' variable is now used for connection state instead of
  attributes.

- When dns_dispatch_cancel() is called on a TCP dispatch entry, only
  that one entry is canceled. the dispatch itself should not be shut
  down until there are no dispatch entries left associated with it.

- Other incidental cleanup, including removing DNS_DISPATCHATTR_IPV4 and
  _IPV6 (they were being set in the dispatch attributes but never used),
  cleaning up dns_requestmgr_create(), and renaming dns_dispatch_read()
  to the more descriptive dns_dispatch_resume().
2021-10-02 11:39:56 -07:00
Ondřej Surý
e317386090 dispatch: Remove 'timeout' callback
- It is no longer necessary to pass a 'timeout' callback to
  dns_dispatch_addresponse(); timeouts are handled directly by the
  'response' callback instead.

- The netmgr handle is no longer passed to dispatch callbacks, since
  they don't (and can't) use it. instead, dispatch_cb_t now takes a
  result code, region, and argument.

- Cleaned up timeout-related tests in dispatch_test.c
2021-10-02 11:39:56 -07:00
Evan Hunt
8b532d2e64 dispatch: Refactor to eliminate dns_dispatchevent
- Responses received by the dispatch are no longer sent to the caller
  via a task event, but via a netmgr-style recv callback.  the 'action'
  parameter to dns_dispatch_addresponse() is now called 'response' and
  is called directly from udp_recv() or tcp_recv() when a valid response
  has been received.

- All references to isc_task and isc_taskmgr have been removed from
  dispatch functions.

- All references to dns_dispatchevent_t have been removed and the type
  has been deleted.

- Added a task to the resolver response context, to be used for fctx
  events.

- When the caller cancels an operation, the response handler will be
  called with ISC_R_CANCELED; it can abort immediately since the caller
  will presumably have taken care of cleanup already.

- Cleaned up attach/detach in resquery and request.
2021-10-02 11:39:56 -07:00
Evan Hunt
81a22cbf5f Remove DISPATH_TRACE, RESOLVER_TRACE and REQ_TRACE logging
Remove the debugging printfs. (leaving this as a separate commit rather
than squashing it so we can restore it in the future if we ever need it
again.)
2021-10-02 11:39:56 -07:00
Evan Hunt
7dc54fa6f2 Refactor dispatch, resolver and request
Since every dispsock was associated with a dispentry anyway (though not
always vice versa), the members of dispsock have been combined into
dispentry, which is now reference-counted.  dispentry objects are now
attached before connecting and detached afterward to prevent races
between the connect callback and dns_dispatch_removeresponse().

Dispatch and dispatchmgr objects are now reference counted as well, and
the shutdown process has been simplified.  reference counting of
resquery and request objects has also been cleaned up significantly.

dns_dispatch_cancel() now flags a dispentry as having been canceled, so
that if the connect callback runs after cancellation, it will not
initiate a read.

The isblackholed() function has been simplified.
2021-10-02 11:39:56 -07:00
Evan Hunt
08ce69a0ea Rewrite dns_resolver and dns_request to use netmgr timeouts
- The `timeout_action` parameter to dns_dispatch_addresponse() been
  replaced with a netmgr callback that is called when a dispatch read
  times out.  this callback may optionally reset the read timer and
  resume reading.

- Added a function to convert isc_interval to milliseconds; this is used
  to translate fctx->interval into a value that can be passed to
  dns_dispatch_addresponse() as the timeout.

- Note that netmgr timeouts are accurate to the millisecond, so code to
  check whether a timeout has been reached cannot rely on microsecond
  accuracy.

- If serve-stale is configured, then a timeout received by the resolver
  may trigger it to return stale data, and then resume waiting for the
  read timeout. this is no longer based on a separate stale timer.

- The code for canceling requests in request.c has been altered so that
  it can run asynchronously.

- TCP timeout events apply to the dispatch, which may be shared by
  multiple queries.  since in the event of a timeout we have no query ID
  to use to identify the resp we wanted, we now just send the timeout to
  the oldest query that was pending.

- There was some additional refactoring in the resolver: combining
  fctx_join() and fctx_try_events() into one function to reduce code
  duplication, and using fixednames in fetchctx and fetchevent.

- Incidental fix: new_adbaddrinfo() can't return NULL anymore, so the
  code can be simplified.
2021-10-02 11:39:56 -07:00
Evan Hunt
308bc46a59 Convert dispatch to netmgr
The flow of operations in dispatch is changing and will now be similar
for both UDP and TCP queries:

1) Call dns_dispatch_addresponse() to assign a query ID and register
   that we'll be listening for a response with that ID soon. the
   parameters for this function include callback functions to inform the
   caller when the socket is connected and when the message has been
   sent, as well as a task action that will be sent when the response
   arrives. (later this could become a netmgr callback, but at this
   stage to minimize disruption to the calling code, we continue to use
   isc_task for the response event.) on successful completion of this
   function, a dispatch entry object will be instantiated.

2) Call dns_dispatch_connect() on the dispatch entry. this runs
   isc_nm_udpconnect() or isc_nm_tcpdnsconnect(), as needed, and begins
   listening for responses. the caller is informed via a callback
   function when the connection is established.

3) Call dns_dispatch_send() on the dispatch entry. this runs
   isc_nm_send() to send a request.

4) Call dns_dispatch_removeresponse() to terminate listening and close
   the connection.

Implementation comments below:

- As we will be using netmgr buffers now.  code to send the length in
  TCP queries has also been removed as that is handled by the netmgr.

- TCP dispatches can be used by multiple simultaneous queries, so
  dns_dispatch_connect() now checks whether the dispatch is already
  connected before calling isc_nm_tcpdnsconnect() again.

- Running dns_dispatch_getnext() from a non-network thread caused a
  crash due to assertions in the netmgr read functions that appear to be
  unnecessary now. the assertions have been removed.

- fctx->nqueries was formerly incremented when the connection was
  successful, but is now incremented when the query is started and
  decremented if the connection fails.

- It's no longer necessary for each dispatch to have a pool of tasks, so
  there's now a single task per dispatch.

- Dispatch code to avoid UDP ports already in use has been removed.

- dns_resolver and dns_request have been modified to use netmgr callback
  functions instead of task events. some additional changes were needed
  to handle shutdown processing correctly.

- Timeout processing is not yet fully converted to use netmgr timeouts.

- Fixed a lock order cycle reported by TSAN (view -> zone-> adb -> view)
  by by calling dns_zt functions without holding the view lock.
2021-10-02 11:39:56 -07:00
Evan Hunt
e76a7f764e Move isc_socket_cancel() calls into dispatch
We now use dns_dispatch_cancel() for this purpose. NOTE: The caller
still has to track whether there are pending send or connect events in
the dispatch or dispatch entry; later this should be moved into the
dispatch module as well.

Also removed some public dns_dispatch_*() API calls that are no longer
used outside dispatch itself.
2021-10-02 11:39:56 -07:00
Evan Hunt
2523be1cbe Move isc_socket_sendto2() calls into dispatch
We now use dns_dispatch_send() for this purpose.
2021-10-02 11:39:56 -07:00
Evan Hunt
655e7fcacc Move isc_socket_getsockname() calls into dispatch
We now use dns_dispentry_getlocaladdress(). (this API is likely to be
cleaned up further later.)
2021-10-02 11:39:56 -07:00
Evan Hunt
9f9a327b22 Move isc_socket_connect() calls into dispatch
dns_dispatch_connect() connects a dispatch socket (for TCP) or a
dispatch entry socket (for UDP). This is the next step in moving all
uses of the isc_socket code into the dispatch module.

This API is temporary; it needs to be cleaned up further so that it can
be called the same way for both TCP and UDP.
2021-10-02 11:39:56 -07:00
Evan Hunt
2c7232d82f Temporarily move dns_tcpmsg functionality into dispatch
Continuing the effort to move all uses of the isc_socket API into
dispatch.c, this commit removes the dns_tcpmsg module entirely, as
dispatch was its only caller, and moves the parts of its functionality
that were being used into the dispatch module.

This code will be removed when we switch to using netmgr TCPDNS.
2021-10-02 11:39:56 -07:00
Evan Hunt
4f30b679e7 Creating TCP dispatch now creates/binds the socket
Previously, creation of TCP dispatches differed from UDP in that a TCP
dispatch was created to attach to an existing socket, whereas a UDP
dispatch would be created in a vacuum and sockets would be opened on
demand when a transaction was initiated.

We are moving as much socket code as possible into the dispatch module,
so that it can be replaced with a netmgr version as easily as
possible. (This will also have the side effect of making TCP and UDP
dispatches more similar.)

As a step in that direction, this commit changes
dns_dispatch_createtcp() so that it creates the TCP socket.
2021-10-02 11:39:34 -07:00
Evan Hunt
f439eb5d99 Dispatch API simplification
- Many dispatch attributes can be set implicitly instead of being passed
  in. we can infer whether to set DNS_DISPATCHATTR_TCP or _UDP from
  whether we're calling dns_dispatch_createtcp() or _createudp().  we
  can also infer DNS_DISPATCHATTR_IPV4 or _IPV6 from the addresses or
  the socket that were passed in.

- We no longer use dup'd sockets in UDP dispatches, so the 'dup_socket'
  parameter has been removed from dns_dispatch_createudp(), along with
  the code implementing it. also removed isc_socket_dup() since it no
  longer has any callers.

- The 'buffersize' parameter was ignored and has now been removed;
  buffersize is now fixed at 4096.

- Maxbuffers and maxrequests don't need to be passed in on every call to
  dns_dispatch_createtcp() and _createudp().

  In all current uses, the value for mgr->maxbuffers will either be
  raised once from its default of 20000 to 32768, or else left
  alone. (passing in a value lower than 20000 does not lower it.) there
  isn't enough difference between these values for there to be any need
  to configure this.

  The value for disp->maxrequests controls both the quota of concurrent
  requests for a dispatch and also the size of the dispatch socket
  memory pool. it's not clear that this quota is necessary at all. the
  memory pool size currently starts at 32768, but is sometimes lowered
  to 4096, which is definitely unnecessary.

  This commit sets both values permanently to 32768.

- Previously TCP dispatches allocated their own separate QID table,
  which didn't incorporate a port table. this commit removes
  per-dispatch QID tables and shares the same table between all
  dispatches. since dispatches are created for each TCP socket, this may
  speed up the dispatch allocation process. there may be a slight
  increase in lock contention since all dispatches are sharing a single
  QID table, but since TCP sockets are used less often than UDP
  sockets (which were already sharing a QID table), it should not be a
  substantial change.

- The dispatch port table was being used to determine whether a port was
  already in use; if so, then a UDP socket would be bound with
  REUSEADDR. this commit removes the port table, and always binds UDP
  sockets that way.
2021-10-02 10:21:49 +02:00
Evan Hunt
9fd375217d Remove DNS_DISPATCHATTR_MAKEQUERY
This attribute was set but was no longer being used.
2021-10-02 10:21:46 +02:00
Evan Hunt
5dcf55da03 Remove support for shared UDP dispatch sockets
Currently the netmgr doesn't support unconnected, shared UDP sockets, so
there's no reason to retain that functionality in the dispatcher prior
to porting to the netmgr.

In this commit, the DNS_DISPATCHATTR_EXCLUSIVE attribute has been
removed as it is now non-optional; UDP dispatches are alwasy exclusive.
Code implementing non-exclusive UDP dispatches has been removed.
dns_dispatch_getentrysocket() now always returns the dispsocket for UDP
dispatches and the dispatch socket for TCP dispatches.

There is no longer any need to search for existing dispatches from
dns_dispatch_getudp(), so the 'mask' option has been removed, and the
function renamed to the more descriptive dns_dispatch_createudp().
2021-10-02 10:21:43 +02:00
Evan Hunt
5863acc907 Make sharing of pending TCP dispatches nonoptional
The DNS_REQUESTOPT_SHARE flag was added when client-side pipelining of
TCP queries was implemented. there was no need to make it optional;
forcing it to be in effect for all requests simplfiies the code.
2021-10-02 10:21:35 +02:00
Evan Hunt
ca11f68d61 Simplify dns_dispatchmgr_create with fixed buffersize
- UDP buffersize is now established when creating dispatch manager
  and is always set to 4096.

- Set up the default port range in dispatchmgr before setting the magic
  number.

- Magic is not set until dispatchmgr is fully created.
2021-10-02 10:21:32 +02:00
Evan Hunt
57fce0e895 Remove some DNS_DISPATCHATTR flags
- DNS_DISPATCHATTR_CANREUSE was never set. the code that implements it
  has been removed.

- DNS_DISPATCHOPT_FIXEDID and DNS_DISPATCHATTR_FIXEDID were both
  defined, but only the DISPATCHOPT was ever set; it appears the
  DISPATCHATTR was added accidentally.

- DNS_DISPATCHATTR_NOLISTEN was set but never used.
2021-10-02 10:21:25 +02:00
Evan Hunt
c69f2018a3 Remove unused code in dispatch.c
Some routines in dispatch.c are obsolete and unused; clean them up
before porting to netmgr.
2021-10-02 10:21:22 +02:00
Ondřej Surý
edee9440d0 Remove the mastefile-format map option
As previously announced, this commit removes the masterfile-format
format 'map' from named, all the tools, the documentation and the
system tests.
2021-09-17 07:09:50 +02:00
Evan Hunt
a27860ba57 mark "cache-file" as ancient and remove all code implementing it
"cache-file" was already documented as intended for testing
purposes only and not to be used, so we can remove it without
waiting.  this commit marks the option as "ancient", and
removes all the documentation and implementing code, including
dns_cache_setfilename() and dns_cache_dump().

it also removes the documentation for the '-x cachefile`
parameter to named, which had already been removed, but the man
page was not updated at the time.
2021-09-16 00:19:02 -07:00
Aram Sargsyan
ae53919154 Add synonym configuration options for catalog zones
This commit adds 'primaries' and 'default-primaries' catalog zones
configuration options synonyms for 'masters' and 'default-masters'
respectively.
2021-09-09 21:54:10 +00:00